How to Configure Azure Route Tables (UDR) using Azure Portal and ARM?

Packet routing in networks is handled via route tables, whether the network is physical or cloud-based. Route tables are an important component of network communication because they hold the rules by which packets are routed in a network. In cloud networks route tables perform the same function, but packet routing happens in virtual networks. Route tables maintain the IP address and virtual network gateway information used for packet routing.

Today we look at how to configure Azure route tables (UDR) using the Azure portal and ARM.

What are Azure Route Tables or User Defined Routes (UDR)

Azure route tables, or user-defined routes (UDR), let you create network routes so that a CloudGen Firewall VM can handle traffic between your subnets and the Internet. To receive or forward traffic, IP forwarding must be enabled on the network interfaces. When different route types are present in the route table, UDR routes take precedence over default system routes. When several routes match the destination, the more specific route is used. Default system routes are always present in the Azure route table to allow the following:

  • Enable traffic movement within the virtual network 
  • Enable traffic movement to Internet
  • Traffic movement between virtual networks using Azure VPN gateway
  • Traffic from virtual network to networks which are connected using Azure VPN gateway

Limitation

Multiple network interfaces in one subnet are not supported for a standalone firewall VM.

How to configure Azure Route Tables (UDR)

Steps to Create Route Table

To create a route table in the Azure portal, follow the steps below:

Step 1: Log in to the Azure portal: https://portal.azure.com

Step 2: Click plus (+) to create route 

Step 3: Enter ‘route table’ in search and press Enter

Step 4: Select Route table

Step 5: Click on Create

Step 6: In Route table, enter the settings below

  • Subscription – Choose the Azure subscription
  • Resource group – Choose an existing resource group or click to create a new resource group (unique name)
  • Region – Choose the Azure data center where the VM is to be deployed. The route table must be in the same location as the VMs and the virtual network
  • Name – Provide the route table name

Step 7: Click Review + Create 

Step 8: Review settings and click on create

Steps to Add Routes

The next step is to add routes.

To use a firewall VM as the gateway, create user-defined routes (UDR).

If traffic between two subnets needs to pass through a firewall VM, a route must be created for each subnet with the firewall VM as the gateway.

Step 1: Log in to the Azure portal: https://portal.azure.com

Step 2: Open the route table created earlier

Step 3: In settings tab click routes 

Step 4: In routes window click + Add

Step 5: In the Add route pane, enter:

  • Route name – Unique route name
  • Destination Type – Choose IP address, then enter the destination IP range in CIDR notation. The default route is 0.0.0.0/0
  • Next Hop Type – Choose virtual appliance
  • Next Hop Address – Provide the private IP address of the firewall VM

Step 6: Click Add
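The two selection rules described earlier (the more specific route wins, and a UDR beats a system route for the same prefix) explain why a route is needed for each subnet. The following Python sketch is an added example, not part of the original article or any Azure tooling; the address ranges, the firewall IP 10.0.0.4 and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: default system routes for a VNet 10.0.0.0/16 and
# user-defined routes (UDR) pointing at a firewall VM at 10.0.0.4.
FW = "VirtualAppliance 10.0.0.4"
SYSTEM_ROUTES = [
    {"source": "Default", "prefix": "10.0.0.0/16", "next_hop": "VnetLocal"},
    {"source": "Default", "prefix": "0.0.0.0/0", "next_hop": "Internet"},
]
# Only the default route is overridden.
DEFAULT_ONLY_UDR = [
    {"source": "User", "prefix": "0.0.0.0/0", "next_hop": FW},
]
# Default route plus a route for the peer subnet 10.0.2.0/24.
PER_SUBNET_UDR = DEFAULT_ONLY_UDR + [
    {"source": "User", "prefix": "10.0.2.0/24", "next_hop": FW},
]


def effective_route(routes, destination):
    """Return the winning route: longest matching prefix first, and a
    user-defined route over a system route when prefixes are equal."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    if not matches:
        return None
    return max(
        matches,
        key=lambda r: (ipaddress.ip_network(r["prefix"]).prefixlen,
                       r["source"] == "User"),
    )


def next_hop(udr, destination):
    """Next hop for a destination given system routes plus the UDR set."""
    return effective_route(SYSTEM_ROUTES + udr, destination)["next_hop"]


if __name__ == "__main__":
    cases = (("default-only", DEFAULT_ONLY_UDR), ("per-subnet", PER_SUBNET_UDR))
    for label, udr in cases:
        # 203.0.113.10 stands in for an Internet host, 10.0.2.10 for a VM
        # in the neighbouring subnet.
        for dst in ("203.0.113.10", "10.0.2.10"):
            print(f"{label:13} {dst:13} -> {next_hop(udr, dst)}")
```

With only the 0.0.0.0/0 route, traffic to 10.0.2.10 still follows the more specific system route inside the virtual network and does not reach the firewall; adding the 10.0.2.0/24 route sends it to the firewall VM.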

Steps to Associate Route Table to Subnets

The next step is to associate the route table with subnets.

Step 1: Log in to the Azure portal: https://portal.azure.com

Step 2: Open the route table

Step 3: In Settings, click Subnets

Step 4: In Subnets, click + Associate

Step 5: In Associate subnet, expand virtual network and choose the virtual network

Step 6: Expand subnet and choose 

Step 7: Click OK

Enable IP Forwarding 

The next step is to enable IP forwarding for the network interface of the firewall VM.

Step 1: Log in to the Azure portal: https://portal.azure.com

Step 2: Open the network interface associated with the firewall VM

Step 3: In Settings, click IP configurations

Step 4: Select the ‘Enable IP forwarding’ box

Step 5: Click Apply to apply the settings

The CloudGen Firewall VM can now forward traffic from the backend VMs to the Internet.